F5 Distributed Cloud API Security vs. Salt Security API Protection Platform

I believe it covers everything related to the applications' security aspects, but there are a lot of improvements that need to be made. For example, better granular controls like bot categories listed on the distributed console and a granular URL-based control for the rate-limiting option are needed.

Incentivized

Salt is highly recommended for anyone who wants to discover, monitor and protect their APIs against various types of attacks. Salt should not be used as a SIEM.

• It auto-discovers APIs, even the ones engineers forget to document. Then profiles them without needing changes to our codebase.
• Shadow API exposure.
• It's pretty decent at abnormal behavior detection.

Incentivized

• PII identification in API traffic.
• Divergence between API traffic and documentation (swagger files).
• Potential attacks with information to take counter measures.

• More accurate detection of advanced persistent threats (APTs) targeting APIs.
• A greater emphasis on checking APIs' schema and contract may prevent them from accepting misconfigurations or malicious input.
• More customized, dynamic, and targeted protection for high-value APIs or high-risk user groups.

Incentivized

• The platform could have more options for exporting detailed data from attackers' dashboards.
• The Attackers dashboard could also have more options of filters in order to support the investigations of the attack.
• The OAS analysis could present a more detailed view of the found issues.

-I believe the API security feature is quite stable -There are a lot of in depth control to acheive API security in granularity

Incentivized

Great product. Working with F5 for many years, we found the products F5 provided are all cutting edge technology. Although in F5 Distributed Cloud API Security we still have a lot to find out, but we believe this experience will be very good. Especially on the security side. Trust in F5.

Incentivized

Always available

Incentivized

Everything is perfect

Incentivized

Lo hacemos mediante un partner We did it through a partner

Incentivized

F5 Distributed Cloud API Security is our company looking forward product. With more and more API is using in both on prem, private cloud, public cloud and multi cloud environment, we as a financial institution, we are keep into the security settings to protect the information. That's the main reason we want to use this product.

Incentivized

We ran a short POC with Salt. Its data classification and attack replay features were impressive. What held us back was the limited support for hybrid deployments and poor integration into our CI/CD pipelines, as F5 did.

Incentivized

We tried controls offered by the IaaS providers but these were hard to manage and did not provide the visibility we wanted. We also protected APIs with a normal WAF but this was only helpful for assets we knew about and API attacks were not caught by the WAF.

very easy to integrate

Incentivized

• F5 Distributed Cloud API Security mitigates many API-related security threats, including bot attacks, DDoS, data breaches, and unauthorized access attempts.
• F5 Distributed Cloud API Security uses robust threat detection, machine learning, and real-time monitoring for speedier identification.
• Reductions in security events result in fewer breaches, reduced downtime, and lower attack remediation costs.

Incentivized

• Salt Security API Protection Platform has provided detailed information that is helping us to identify and investigate attacks in our environment